On May 26, 2023, Nonstop Administration and Insurance Services (“Nonstop”) filed a notice of data breach on behalf of Eisner Health after learning that a 2022 cyberattack compromised confidential information belonging to Eisner Health patients. Based on the company’s official filing, the incident resulted in an unauthorized party gaining access to consumers’ names, Social Security numbers and protected health information. After confirming that consumer data was leaked, Eisner began sending out data breach notification letters to all individuals who were impacted by the recent data security incident.
If you received a data breach notification from Nonstop Administration and Insurance Services or Eisner Health, it is essential you understand what is at risk and what you can do about it. As we’ve discussed in previous posts, third party data breaches such as the Nonstop / Eisner Health breach are becoming increasingly common as companies outsource more services. However, the fact that a third party was responsible for a breach doesn’t mean that the third party doesn’t have a duty to protect the confidential information in its possession. To learn more about how to protect yourself from becoming a victim of fraud or identity theft and what your legal options are in the wake of the Eisner Health data breach, reach out to a data breach lawyer.
News of the Eisner Health data breach is still fresh; however, what we know at this point comes from the company’s filing with the Attorney General of California. Nonstop also submitted similar data breach notifications on behalf of other companies that Nonstop has provided services to. According to these sources, on December 22, 2022, Nonstop was informed by an anonymous party that they were able to access and remove confidential data from the company’s computer network. In response, Nonstop launched an investigation with the assistance of third-party cybersecurity specialists.
The Nonstop investigation confirmed that an unauthorized party accessed a Nonstop cloud services platform without authorization on December 22, 2022. Nonstop was also able to determine that some of the files that were accessible to the unauthorized party contained confidential information belonging to Eisner patients.
Upon discovering that sensitive consumer data was made available to an unauthorized party, Eisner Health began to review the affected files to determine what information was compromised and which consumers were impacted. Nonstop completed this process on January 30, 2023. While the breached information varies depending on the individual, it may include your name, Social Security number and protected health information.
On May 26, 2023, Nonstop sent out data breach letters on behalf of Eisner Health to all individuals whose information was compromised as a result of the recent data security incident.
Founded in 1920 as the Anita M. Baldwin Hospital for Babies, Eisner Health is a nonprofit community health center located in Los Angeles, California. Eisner Health operates nine locations in Los Angeles, Van Nuys, Sherman Oaks, Lynwood and Panorama City. Eisner Health employs more than 358 people and generates approximately $30 million in annual revenue.